How to fake source ip-address of a udp-packet?

2019-01-23 02:29发布

问题:

Think about the following:
Your ISP offers you a dynamic ip-address (for example 123.123.123.123).

My question is simple (the answer may not be):

Is it possible to send a single udp-packet with an outer source-ip (for example 124.124.124.124) to a fixed-ip server? I don't need to get an answer from the server. I just want to know if/how this one way communication can be done, using a faked source-ip address.

The server and no one else should not be able to find out the real client ip.

回答1:

The UDP packet does not actually have the source (your) IP address. The source IP address is part of the packet it is sent in. So you would have to modify the packet it is enclosed in. So while it is non-trivial, it is possible. The packet structure for UDP, and the enclosing packets for reference.



回答2:

This is IP-spoofing. Unless you ISP is a dodgy russian one, it will probably prevent you from doing that (the first router will just drop the packet because it is suspicious).

If you don't want to be identified you should try to find a proxy supporting UDP...

Or you can buy a botnet. :)

(if you didn't get it, that's a joke, don't do that)



回答3:

If you're ISP employs Egress filtering and they don't control the address block that 124.124.124.124 is on, then no.

If they do control it and expect that to be a valid IP leaving their site, possibly. They might tie IPs to MAC addresses and block this. Maybe not.

You could change the IP of your pc to that address and just use a program to send a udp packet. There's no such thing as a "fake IP". They all in the end do exist. They are either legitimately assigned or not.

Finally I would not suggest taking this action.



回答4:

You will need to have access your ISP Router in order to do that. If you send a raw UDP-Packet with all the information to the other server, the Router will encapsulate it in another Package with your real ip.